AC_SUBST(PERL)
AC_PATH_PROG(ENT, ent)
AC_SUBST(ENT)
-AC_PATH_PROGS(FILEPRIV, filepriv, true, /sbin:/usr/sbin)
AC_PATH_PROG(TEST_MINUS_S_SH, bash)
AC_PATH_PROG(TEST_MINUS_S_SH, ksh)
AC_PATH_PROG(TEST_MINUS_S_SH, sh)
)
LDFLAGS="$saved_LDFLAGS"
fi
- AC_CHECK_FUNC(authenticate, [AC_DEFINE(WITH_AIXAUTHENTICATE)])
+ AC_CHECK_FUNC(authenticate, [AC_DEFINE(WITH_AIXAUTHENTICATE)],
+ [AC_CHECK_LIB(s,authenticate,
+ [ AC_DEFINE(WITH_AIXAUTHENTICATE)
+ LIBS="$LIBS -ls"
+ ])
+ ])
AC_DEFINE(BROKEN_GETADDRINFO)
AC_DEFINE(BROKEN_REALPATH)
dnl AIX handles lastlog as part of its login message
AC_DEFINE(DISABLE_LASTLOG)
+ AC_DEFINE(LOGIN_NEEDS_UTMPX)
;;
*-*-cygwin*)
LIBS="$LIBS /usr/lib/textmode.o"
AC_DEFINE(IPV4_DEFAULT)
AC_DEFINE(IP_TOS_IS_BROKEN)
AC_DEFINE(NO_X11_UNIX_SOCKETS)
+ AC_DEFINE(NO_IPPORT_RESERVED_CONCEPT)
+ AC_DEFINE(DISABLE_FD_PASSING)
+ AC_DEFINE(SETGROUPS_NOOP)
;;
*-*-dgux*)
AC_DEFINE(IP_TOS_IS_BROKEN)
;;
*-*-darwin*)
- AC_DEFINE(BROKEN_GETADDRINFO)
+ AC_MSG_CHECKING(if we have working getaddrinfo)
+ AC_TRY_RUN([#include <mach-o/dyld.h>
+main() { if (NSVersionOfRunTimeLibrary("System") >= (60 << 16))
+ exit(0);
+ else
+ exit(1);
+}], [AC_MSG_RESULT(working)],
+ [AC_MSG_RESULT(buggy)
+ AC_DEFINE(BROKEN_GETADDRINFO)],
+ [AC_MSG_RESULT(assume it is working)])
;;
*-*-hpux10.26)
if test -z "$GCC"; then
AC_DEFINE(DISABLE_SHADOW)
AC_DEFINE(DISABLE_UTMP)
AC_DEFINE(SPT_TYPE,SPT_PSTAT)
- LIBS="$LIBS -lxnet -lsec -lsecpw"
+ LIBS="$LIBS -lsec -lsecpw"
+ AC_CHECK_LIB(xnet, t_error, ,AC_MSG_ERROR([*** -lxnet needed on HP-UX - check config.log ***]))
disable_ptmx_check=yes
;;
*-*-hpux10*)
AC_DEFINE(DISABLE_SHADOW)
AC_DEFINE(DISABLE_UTMP)
AC_DEFINE(SPT_TYPE,SPT_PSTAT)
- LIBS="$LIBS -lxnet -lsec"
+ LIBS="$LIBS -lsec"
+ AC_CHECK_LIB(xnet, t_error, ,AC_MSG_ERROR([*** -lxnet needed on HP-UX - check config.log ***]))
;;
*-*-hpux11*)
CPPFLAGS="$CPPFLAGS -D_HPUX_SOURCE -D_XOPEN_SOURCE -D_XOPEN_SOURCE_EXTENDED=1"
AC_DEFINE(DISABLE_SHADOW)
AC_DEFINE(DISABLE_UTMP)
AC_DEFINE(SPT_TYPE,SPT_PSTAT)
- LIBS="$LIBS -lxnet -lsec"
+ LIBS="$LIBS -lsec"
+ AC_CHECK_LIB(xnet, t_error, ,AC_MSG_ERROR([*** -lxnet needed on HP-UX - check config.log ***]))
;;
*-*-irix5*)
CPPFLAGS="$CPPFLAGS -I/usr/local/include"
SONY=1
;;
*-*-netbsd*)
+ check_for_libcrypt_before=1
need_dash_r=1
;;
*-*-freebsd*)
*-*-sysv4.2*)
CPPFLAGS="$CPPFLAGS -I/usr/local/include"
LDFLAGS="$LDFLAGS -L/usr/local/lib"
-# enable_suid_ssh=no
AC_DEFINE(USE_PIPES)
;;
*-*-sysv5*)
CPPFLAGS="$CPPFLAGS -I/usr/local/include"
LDFLAGS="$LDFLAGS -L/usr/local/lib"
-# enable_suid_ssh=no
AC_DEFINE(USE_PIPES)
;;
*-*-sysv*)
CPPFLAGS="$CPPFLAGS -Dftruncate=chsize -I/usr/local/include"
LDFLAGS="$LDFLAGS -L/usr/local/lib"
LIBS="$LIBS -los -lprot -lx -ltinfo -lm"
- rsh_path="/usr/bin/rcmd"
RANLIB=true
no_dev_ptmx=1
AC_DEFINE(BROKEN_SYS_TERMIO_H)
LDFLAGS="$LDFLAGS -L/usr/local/lib"
LIBS="$LIBS -lprot -lx -ltinfo -lm"
no_dev_ptmx=1
- rsh_path="/usr/bin/rcmd"
AC_DEFINE(USE_PIPES)
AC_DEFINE(HAVE_SECUREWARE)
AC_DEFINE(DISABLE_SHADOW)
+ AC_DEFINE(DISABLE_FD_PASSING)
AC_CHECK_FUNCS(getluid setluid)
MANTYPE=man
;;
+*-*-unicosmk*)
+ no_libsocket=1
+ no_libnsl=1
+ AC_DEFINE(USE_PIPES)
+ AC_DEFINE(DISABLE_FD_PASSING)
+ LDFLAGS="$LDFLAGS"
+ LIBS="$LIBS -lgen -lrsc -lshare -luex -lacm"
+ MANTYPE=cat
+ ;;
*-*-unicos*)
no_libsocket=1
no_libnsl=1
AC_DEFINE(USE_PIPES)
- LDFLAGS="$LDFLAGS -Wl,-Dmsglevel=334:fatal,-L/usr/local/lib"
- LIBS="$LIBS -lgen -lrsc"
+ AC_DEFINE(DISABLE_FD_PASSING)
+ AC_DEFINE(NO_SSH_LASTLOG)
+ LDFLAGS="$LDFLAGS -Wl,-Dmsglevel=334:fatal"
+ LIBS="$LIBS -lgen -lrsc -lshare -luex -lacm"
+ MANTYPE=cat
;;
*-dec-osf*)
AC_MSG_CHECKING(for Digital Unix SIA)
# Checks for header files.
AC_CHECK_HEADERS(bstring.h crypt.h endian.h floatingpoint.h \
- getopt.h glob.h lastlog.h limits.h login.h \
+ getopt.h glob.h ia.h lastlog.h limits.h login.h \
login_cap.h maillock.h netdb.h netgroup.h \
netinet/in_systm.h paths.h pty.h readpassphrase.h \
rpc/types.h security/pam_appl.h shadow.h stddef.h stdint.h \
strings.h sys/bitypes.h sys/bsdtty.h sys/cdefs.h \
sys/mman.h sys/select.h sys/stat.h \
sys/stropts.h sys/sysmacros.h sys/time.h \
- sys/un.h time.h ttyent.h usersec.h \
+ sys/un.h time.h tmpdir.h ttyent.h usersec.h \
util.h utime.h utmp.h utmpx.h)
# Checks for libraries.
[], [ AC_CHECK_LIB(resolv, strcasecmp, LIBS="$LIBS -lresolv") ]
)
AC_CHECK_FUNC(utimes,
- [], [ AC_CHECK_LIB(c89, utimes, LIBS="$LIBS -lc89") ]
+ [], [ AC_CHECK_LIB(c89, utimes, [AC_DEFINE(HAVE_UTIMES)
+ LIBS="$LIBS -lc89"]) ]
)
dnl Checks for libutil functions
[
#include <sys/types.h>
#include <dirent.h>
-int main(void){struct dirent d;return(sizeof(d.d_name)<=sizeof(char));}
+int main(void){struct dirent d;exit(sizeof(d.d_name)<=sizeof(char));}
],
[AC_MSG_RESULT(yes)],
[
]
)
+# Check whether the user wants GSSAPI mechglue support
+AC_ARG_WITH(mechglue,
+ [ --with-mechglue=PATH Build with GSSAPI mechglue library],
+ [
+ AC_MSG_CHECKING(for mechglue library)
+
+ if test -e ${withval}/libgssapi.a ; then
+ mechglue_lib=${withval}/libgssapi.a
+ elif test -e ${withval}/lib/libgssapi.a ; then
+ mechglue_lib=${withval}/lib/libgssapi.a
+ else
+ AC_MSG_ERROR("Can't find libgssapi in ${withval}");
+ fi
+ LIBS="$LIBS ${mechglue_lib}"
+ AC_MSG_RESULT(${mechglue_lib})
+
+# if test -e ${withval}/gssapi.h ; then
+# CPPFLAGS="$CPPFLAGS -I${withval}"
+# elif test -e ${withval}/include/gssapi.h ; then
+# CPPFLAGS="$CPPFLAGS -I${withval}/include"
+# else
+# AC_MSG_ERROR("Can't find gssapi.h in ${withval}");
+# fi
+
+ AC_CHECK_LIB(dl, dlopen, , )
+ if test $ac_cv_lib_dl_dlopen = yes; then
+ LDFLAGS="$LDFLAGS -ldl -Wl,-Bsymbolic"
+ fi
+
+ AC_DEFINE(GSSAPI)
+ AC_DEFINE(MECHGLUE)
+ GSSAPI="mechglue"
+
+ ]
+)
+
+
# Check whether the user wants GSI (Globus) support
gsi_path="no"
AC_ARG_WITH(gsi,
if test "x$gsi_path" != "xno" ; then
# Globus GSSAPI configuration
- AC_DEFINE(GSSAPI)
AC_DEFINE(GSI)
+ if test "$GSSAPI" -a "$GSSAPI" != "mechglue"; then
+ AC_MSG_ERROR([Previously configured GSSAPI library conflicts with Globus/GSI.])
+ fi
+ if test -z "$GSSAPI"; then
+ AC_DEFINE(GSSAPI)
+ GSSAPI="GSI"
+ fi
+
# Find GLOBUS/GSI installation Directory
AC_MSG_CHECKING(for Globus/GSI installation directory)
globus_install_dir=$gsi_path
if test "x$globus_install_dir" = "xyes" ; then
- if test -n "$GLOBUS_INSTALL_PATH" ; then
- globus_install_dir=$GLOBUS_INSTALL_PATH
- elif test -n "$GSI_INSTALL_PATH" ; then
- globus_install_dir=$GSI_INSTALL_PATH
- elif test -d /usr/local/globus ; then
- globus_install_dir="/usr/local/globus"
- elif test -d /usr/local/gsi ; then
- globus_install_dir="/usr/local/gsi"
- else
- AC_MSG_ERROR(Cannot find Globus/GSI installation directory)
- fi
+ AC_MSG_ERROR(Cannot find Globus/GSI installation directory -- a path must be specified!)
fi
AC_MSG_RESULT($globus_install_dir)
globus_dev_dir=`${dev_path_program}`
if test -z "$globus_dev_dir" -o "X$globus_dev_dir" = "X<not found>" ; then
- AC_MSG_ERROR(Cannot find Globus/GSI development directory)
+ AC_MSG_ERROR(Cannot find Globus/GSI development directory)
fi
if test ! -d "$globus_dev_dir" ; then
AC_MSG_CHECKING(for Globus flavor type)
if test "x$globus_flavor_type" = "xno" ; then
- GSI_LIBS="-lglobus_gss_assist -lglobus_gss -lglobus_gaa"
+ if test "$GSSAPI" = "mechglue"; then
+ GSI_LIBS="-lglobus_gss_assist -lglobus_gaa"
+ else
+ GSI_LIBS="-lglobus_gss_assist -lglobus_gss -lglobus_gaa"
+ fi
GSI_LDFLAGS="-L${globus_dev_dir}/lib"
- GSI_CFLAGS="-I${globus_dev_dir}/include"
+ GSI_CPPFLAGS="-I${globus_dev_dir}/include"
AC_MSG_RESULT(none)
else
GLOBUS_FLAVOR_TYPE_INCL_DIR="${globus_dev_dir}/include/${globus_flavor_type}"
fi
AC_MSG_RESULT($globus_flavor_type)
- GSI_LIBS="-lglobus_gss_assist_${globus_flavor_type} -lglobus_gssapi_gsi_${globus_flavor_type}"
- GSI_LDFLAGS="-L${globus_dev_dir}/lib"
- GSI_CFLAGS="-I${GLOBUS_FLAVOR_TYPE_INCL_DIR}"
+ if test "$GSSAPI" = "mechglue"; then
+ GSI_LIBS="${gsi_path}/lib/libglobus_gss_assist_${globus_flavor_type}.a"
+ else
+ GSI_LIBS="${gsi_path}/lib/libglobus_gss_assist_${globus_flavor_type}.a ${gsi_path}/lib/libglobus_gssapi_gsi_${globus_flavor_type}.a"
+ fi
+ GSI_CPPFLAGS="-I${GLOBUS_FLAVOR_TYPE_INCL_DIR}"
fi
LIBS="$LIBS $GSI_LIBS"
LDFLAGS="$LDFLAGS $GSI_LDFLAGS"
- CFLAGS="$CFLAGS $GSI_CFLAGS"
-# End Globus/GSI section
+ CPPFLAGS="$CPPFLAGS $GSI_CPPFLAGS"
+ INSTALL_GSISSH="yes"
+else
+ INSTALL_GSISSH=""
fi
+AC_SUBST(INSTALL_GSISSH)
+# End Globus/GSI section
# Check whether user wants S/Key support
SKEY_MSG="no"
[
#include <stdio.h>
#include <skey.h>
-int main() { char *ff = skey_keyinfo(""); ff=""; return 0; }
+int main() { char *ff = skey_keyinfo(""); ff=""; exit(0); }
],
[AC_MSG_RESULT(yes)],
[
dnl Checks for library functions.
AC_CHECK_FUNCS(arc4random b64_ntop bcopy bindresvport_sa \
clock fchmod fchown freeaddrinfo futimes gai_strerror \
- getaddrinfo getcwd getgrouplist getnameinfo getopt \
+ getaddrinfo getcwd getgrouplist getnameinfo getopt getpeereid\
getrlimit getrusage getttyent glob inet_aton inet_ntoa \
inet_ntop innetgr login_getcapbool md5_crypt memmove \
mkdtemp mmap ngetaddrinfo openpty ogetaddrinfo readpassphrase \
realpath recvmsg rresvport_af sendmsg setdtablesize setegid \
- setenv seteuid setlogin setproctitle setresgid setreuid setrlimit \
- setsid setvbuf sigaction sigvec snprintf socketpair strerror \
- strlcat strlcpy strmode strsep sysconf tcgetpgrp truncate utimes \
- vhangup vsnprintf waitpid __b64_ntop _getpty)
+ setenv seteuid setgroups setlogin setproctitle setresgid setreuid \
+ setrlimit setsid setpcred setvbuf sigaction sigvec snprintf \
+ socketpair strerror strlcat strlcpy strmode strsep sysconf tcgetpgrp \
+ truncate utimes vhangup vsnprintf waitpid __b64_ntop _getpty)
dnl IRIX and Solaris 2.5.1 have dirname() in libgen
AC_CHECK_FUNCS(dirname, [AC_CHECK_HEADERS(libgen.h)] ,[
AC_CHECK_FUNCS(endutxent getutxent getutxid getutxline pututxline )
AC_CHECK_FUNCS(setutxent utmpxname)
-AC_CHECK_FUNC(getuserattr,
- [AC_DEFINE(HAVE_GETUSERATTR)],
- [AC_CHECK_LIB(s, getuserattr, [LIBS="$LIBS -ls"; AC_DEFINE(HAVE_GETUSERATTR)])]
-)
-
AC_CHECK_FUNC(daemon,
[AC_DEFINE(HAVE_DAEMON)],
[AC_CHECK_LIB(bsd, daemon, [LIBS="$LIBS -lbsd"; AC_DEFINE(HAVE_DAEMON)])]
AC_TRY_RUN(
[
#include <stdio.h>
-int main(void){char b[5];snprintf(b,5,"123456789");return(b[4]!='\0');}
+int main(void){char b[5];snprintf(b,5,"123456789");exit(b[4]!='\0');}
],
[AC_MSG_RESULT(yes)],
[
else
LIBPAM="-lpam"
fi
-
AC_SUBST(LIBPAM)
fi
]
)
fi
+# Some systems want crypt() from libcrypt, *not* the version in OpenSSL,
+# because the system crypt() is more featureful.
+if test "x$check_for_libcrypt_before" = "x1"; then
+ AC_CHECK_LIB(crypt, crypt)
+fi
+
# Search for OpenSSL
saved_CPPFLAGS="$CPPFLAGS"
saved_LDFLAGS="$LDFLAGS"
# Patch up SSL libraries for GSI authentication as needed
if test "x$globus_flavor_type" != "xno" ; then
+ #
# For Globus 2, always link with the static libraries
- LIBS="$LIBS ${gsi_path}/lib/libglobus_ssl_utils_${globus_flavor_type}.a ${gsi_path}/lib/libssl_${globus_flavor_type}.a ${gsi_path}/lib/libcrypto_${globus_flavor_type}.a"
+ #
+
+ libssl_utils="${gsi_path}/lib/libglobus_ssl_utils_${globus_flavor_type}.a"
+
+ #
+ # Trouble arrives at GT 2.1.3+ with the reorg of globus_ssl_utils. Compensating for
+ # the new library linking required here through file tests to see which libraries to
+ # link against.
+ #
+
+ libgsi_proxy_core="${gsi_path}/lib/libglobus_gsi_proxy_core_${globus_flavor_type}.a"
+ libgsi_credential="${gsi_path}/lib/libglobus_gsi_credential_${globus_flavor_type}.a"
+ libgsi_callback="${gsi_path}/lib/libglobus_gsi_callback_${globus_flavor_type}.a"
+ liboldgaa="${gsi_path}/lib/libglobus_oldgaa_${globus_flavor_type}.a"
+ libgsi_sysconfig="${gsi_path}/lib/libglobus_gsi_sysconfig_${globus_flavor_type}.a"
+ libproxy_ssl="${gsi_path}/lib/libglobus_proxy_ssl_${globus_flavor_type}.a"
+ libgsi_cert_utils="${gsi_path}/lib/libglobus_gsi_cert_utils_${globus_flavor_type}.a"
+ libopenssl_error="${gsi_path}/lib/libglobus_openssl_error_${globus_flavor_type}.a"
+ libopenssl="${gsi_path}/lib/libglobus_openssl_${globus_flavor_type}.a"
+
+ if test -r ${libgsi_proxy_core} \
+ -a -r ${libgsi_credential} \
+ -a -r ${libgsi_callback} \
+ -a -r ${liboldgaa} \
+ -a -r ${libgsi_sysconfig} \
+ -a -r ${libproxy_ssl} \
+ -a -r ${libgsi_cert_utils} \
+ -a -r ${libopenssl_error} \
+ -a -r ${libopenssl} ; then
+ LIBS="$LIBS ${libgsi_proxy_core}"
+ LIBS="$LIBS ${libgsi_credential}"
+ LIBS="$LIBS ${libgsi_callback}"
+ LIBS="$LIBS ${liboldgaa}"
+ LIBS="$LIBS ${libgsi_sysconfig}"
+ LIBS="$LIBS ${libproxy_ssl}"
+ LIBS="$LIBS ${libgsi_cert_utils}"
+ LIBS="$LIBS ${libopenssl_error}"
+ LIBS="$LIBS ${libopenssl}"
+ elif test -r ${libssl_utils}; then
+ LIBS="$LIBS ${libssl_utils}"
+ else
+ AC_MSG_ERROR(All of the required Globus Toolkit libraries are not present/configured correctly)
+ fi
+
+ #
+ # Standard openssl libraries. They need to appear near the end of the link line.
+ #
+
+ LIBS="$LIBS ${gsi_path}/lib/libssl_${globus_flavor_type}.a"
+ LIBS="$LIBS ${gsi_path}/lib/libcrypto_${globus_flavor_type}.a"
+
+ #
+ # Another "GT 2.1.3+"ism.
+ #
+
+ libcommon_path="${gsi_path}/lib/libglobus_common_${globus_flavor_type}.a"
+ if test -r ${libcommon_path}; then
+ LIBS="$LIBS ${libcommon_path}"
+ fi
else
if test "x$gsi_path" != "xno" ; then
# Older GSI needs -lssl too
]
)
+# Determine OpenSSL header version
+AC_MSG_CHECKING([OpenSSL header version])
+AC_TRY_RUN(
+ [
+#include <stdio.h>
+#include <string.h>
+#include <openssl/opensslv.h>
+#define DATA "conftest.sslincver"
+int main(void) {
+ FILE *fd;
+ int rc;
+
+ fd = fopen(DATA,"w");
+ if(fd == NULL)
+ exit(1);
+
+ if ((rc = fprintf(fd ,"%x (%s)\n", OPENSSL_VERSION_NUMBER, OPENSSL_VERSION_TEXT)) <0)
+ exit(1);
+
+ exit(0);
+}
+ ],
+ [
+ ssl_header_ver=`cat conftest.sslincver`
+ AC_MSG_RESULT($ssl_header_ver)
+ ],
+ [
+ AC_MSG_RESULT(not found)
+ AC_MSG_ERROR(OpenSSL version header not found.)
+ ]
+)
+
+# Determine OpenSSL library version
+AC_MSG_CHECKING([OpenSSL library version])
+AC_TRY_RUN(
+ [
+#include <stdio.h>
+#include <string.h>
+#include <openssl/opensslv.h>
+#include <openssl/crypto.h>
+#define DATA "conftest.ssllibver"
+int main(void) {
+ FILE *fd;
+ int rc;
+
+ fd = fopen(DATA,"w");
+ if(fd == NULL)
+ exit(1);
+
+ if ((rc = fprintf(fd ,"%x (%s)\n", SSLeay(), SSLeay_version(SSLEAY_VERSION))) <0)
+ exit(1);
+
+ exit(0);
+}
+ ],
+ [
+ ssl_library_ver=`cat conftest.ssllibver`
+ AC_MSG_RESULT($ssl_library_ver)
+ ],
+ [
+ AC_MSG_RESULT(not found)
+ AC_MSG_ERROR(OpenSSL library not found.)
+ ]
+)
# Sanity check OpenSSL headers
AC_MSG_CHECKING([whether OpenSSL's headers match the library])
[
#include <string.h>
#include <openssl/opensslv.h>
-int main(void) { return(SSLeay() == OPENSSL_VERSION_NUMBER ? 0 : 1); }
+int main(void) { exit(SSLeay() == OPENSSL_VERSION_NUMBER ? 0 : 1); }
],
[
AC_MSG_RESULT(yes)
[
#include <string.h>
#include <openssl/rand.h>
-int main(void) { return(RAND_status() == 1 ? 0 : 1); }
+int main(void) { exit(RAND_status() == 1 ? 0 : 1); }
],
[
OPENSSL_SEEDS_ITSELF=yes
)
AC_DEFINE_UNQUOTED(ENTROPY_TIMEOUT_MSEC, $entropy_timeout)
-ssh_privsep_user=sshd
+SSH_PRIVSEP_USER=sshd
AC_ARG_WITH(privsep-user,
[ --with-privsep-user=user Specify non-privileged user for privilege separation],
[
if test -n "$withval"; then
- ssh_privsep_user=$withval
+ SSH_PRIVSEP_USER=$withval
fi
]
)
-AC_DEFINE_UNQUOTED(SSH_PRIVSEP_USER, "$ssh_privsep_user")
+AC_DEFINE_UNQUOTED(SSH_PRIVSEP_USER, "$SSH_PRIVSEP_USER")
+AC_SUBST(SSH_PRIVSEP_USER)
# We do this little dance with the search path to insure
# that programs that we select for use by installed programs
AC_CACHE_CHECK([for int64_t type], ac_cv_have_int64_t, [
AC_TRY_COMPILE(
- [ #include <sys/types.h> ],
+ [
+#include <sys/types.h>
+#ifdef HAVE_STDINT_H
+# include <stdint.h>
+#endif
+#include <sys/socket.h>
+#ifdef HAVE_SYS_BITYPES_H
+# include <sys/bitypes.h>
+#endif
+ ],
[ int64_t a; a = 1;],
[ ac_cv_have_int64_t="yes" ],
[ ac_cv_have_int64_t="no" ]
])
if test "x$ac_cv_have_int64_t" = "xyes" ; then
AC_DEFINE(HAVE_INT64_T)
- have_int64_t=1
-fi
-
-if test -z "$have_int64_t" ; then
- AC_MSG_CHECKING([for int64_t type in sys/socket.h])
- AC_TRY_COMPILE(
- [ #include <sys/socket.h> ],
- [ int64_t a; a = 1],
- [
- AC_DEFINE(HAVE_INT64_T)
- AC_MSG_RESULT(yes)
- ],
- [ AC_MSG_RESULT(no) ]
- )
-fi
-
-if test -z "$have_int64_t" ; then
- AC_MSG_CHECKING([for int64_t type in sys/bitypes.h])
- AC_TRY_COMPILE(
- [ #include <sys/bitypes.h> ],
- [ int64_t a; a = 1],
- [
- AC_DEFINE(HAVE_INT64_T)
- AC_MSG_RESULT(yes)
- ],
- [ AC_MSG_RESULT(no) ]
- )
fi
AC_CACHE_CHECK([for u_intXX_t types], ac_cv_have_u_intxx_t, [
AC_DEFINE(HAVE_PW_CHANGE_IN_PASSWD)
fi
+dnl make sure we're using the real structure members and not defines
AC_CACHE_CHECK([for msg_accrights field in struct msghdr],
ac_cv_have_accrights_in_msghdr, [
- AC_TRY_COMPILE(
+ AC_TRY_RUN(
[
#include <sys/types.h>
#include <sys/socket.h>
#include <sys/uio.h>
+int main() {
+#ifdef msg_accrights
+exit(1);
+#endif
+struct msghdr m;
+m.msg_accrights = 0;
+exit(0);
+}
],
- [ struct msghdr m; m.msg_accrights = 0; ],
[ ac_cv_have_accrights_in_msghdr="yes" ],
[ ac_cv_have_accrights_in_msghdr="no" ]
)
AC_CACHE_CHECK([for msg_control field in struct msghdr],
ac_cv_have_control_in_msghdr, [
- AC_TRY_COMPILE(
+ AC_TRY_RUN(
[
#include <sys/types.h>
#include <sys/socket.h>
#include <sys/uio.h>
+int main() {
+#ifdef msg_control
+exit(1);
+#endif
+struct msghdr m;
+m.msg_control = 0;
+exit(0);
+}
],
- [ struct msghdr m; m.msg_control = 0; ],
[ ac_cv_have_control_in_msghdr="yes" ],
[ ac_cv_have_control_in_msghdr="no" ]
)
fi
AC_CHECK_LIB(resolv, dn_expand, , )
+ # If we're using some other GSSAPI
+ if test "$GSSAPI" -a "$GSSAPI" != "mechglue"; then
+ AC_MSG_ERROR([$GSSAPI GSSAPI library conflicts with Kerberos support. Use mechglue instead.])
+ fi
AC_CHECK_LIB(gssapi,gss_init_sec_context,
[ AC_DEFINE(GSSAPI)
K5LIBS="-lgssapi $K5LIBS" ],
$K5LIBS)
],
$K5LIBS)
-
+
AC_CHECK_HEADER(gssapi.h, ,
[ unset ac_cv_header_gssapi_h
CPPFLAGS="$CPPFLAGS -I${KRB5ROOT}/include/gssapi"
]
)
+ AC_CHECK_LIB(gssapi, gss_krb5_copy_ccache, /bin/true,
+ [ K5LIBS="-lgssapi_krb5 $K5LIBS"
+ AC_CHECK_LIB(gssapi_krb5, gss_krb5_copy_ccache, /bin/true,
+ AC_MSG_WARN([Cannot find gss_krb5_copy_ccache -- build may fail]),
+ $K5LIBS)
+ ],
+ $K5LIBS)
+
oldCPP="$CPPFLAGS"
CPPFLAGS="$CPPFLAGS -I${KRB5ROOT}/include/gssapi"
AC_CHECK_HEADER(gssapi_krb5.h, ,
[ CPPFLAGS="$oldCPP" ])
+ if test -z "$GSSAPI"; then
+ GSSAPI="KRB5";
+ fi
+
KRB5=yes
fi
]
LIBS="$LIBS $KLIBS $K5LIBS"
# Looking for programs, paths and files
-AC_ARG_WITH(rsh,
- [ --with-rsh=PATH Specify path to remote shell program ],
- [
- if test "x$withval" != "$no" ; then
- rsh_path=$withval
- fi
- ],
- [
- AC_PATH_PROG(rsh_path, rsh)
- ]
-)
PRIVSEP_PATH=/var/empty
AC_ARG_WITH(privsep-path,
- [ --with-privsep-path=xxx Path for privilege separation chroot ],
+ [ --with-privsep-path=xxx Path for privilege separation chroot (default=/var/empty)],
[
if test "x$withval" != "$no" ; then
PRIVSEP_PATH=$withval
fi
],
[
- AC_PATH_PROG(xauth_path, xauth,,$PATH:/usr/X/bin:/usr/bin/X11:/usr/X11R6/bin:/usr/openwin/bin)
+ TestPath="$PATH"
+ TestPath="${TestPath}${PATH_SEPARATOR}/usr/X/bin"
+ TestPath="${TestPath}${PATH_SEPARATOR}/usr/bin/X11"
+ TestPath="${TestPath}${PATH_SEPARATOR}/usr/X11R6/bin"
+ TestPath="${TestPath}${PATH_SEPARATOR}/usr/openwin/bin"
+ AC_PATH_PROG(xauth_path, xauth, , $TestPath)
if (test ! -z "$xauth_path" && test -x "/usr/openwin/bin/xauth") ; then
xauth_path="/usr/openwin/bin/xauth"
fi
XAUTH_PATH=$xauth_path
AC_SUBST(XAUTH_PATH)
fi
-if test ! -z "$rsh_path" ; then
- AC_DEFINE_UNQUOTED(RSH_PATH, "$rsh_path")
-fi
# Check for mail directory (last resort if we cannot get it from headers)
if test ! -z "$MAIL" ; then
]
)
if test -z "$MANTYPE"; then
- AC_PATH_PROGS(NROFF, nroff awf, /bin/false, /usr/bin:/usr/ucb)
+ TestPath="/usr/bin${PATH_SEPARATOR}/usr/ucb"
+ AC_PATH_PROGS(NROFF, nroff awf, /bin/false, $TestPath)
if ${NROFF} -mdoc ${srcdir}/ssh.1 >/dev/null 2>&1; then
MANTYPE=doc
elif ${NROFF} -man ${srcdir}/ssh.1 >/dev/null 2>&1; then
]
)
-AC_MSG_CHECKING(whether to install ssh as suid root)
-AC_ARG_ENABLE(suid-ssh,
-[ --enable-suid-ssh Install ssh as suid root (default)
- --disable-suid-ssh Install ssh without suid bit],
-[ case "$enableval" in
- no)
- AC_MSG_RESULT(no)
- SSHMODE=0711
- ;;
- *) AC_MSG_RESULT(yes)
- SSHMODE=4711
- ;;
- esac ],
- AC_MSG_RESULT(yes)
- SSHMODE=4711
-)
-AC_SUBST(SSHMODE)
-
-
# Where to place sshd.pid
piddir=/var/run
# make sure the directory exists